In a surprise raid on Thursday, October 30, 2025, Russian law enforcement detained three people suspected of making and selling the malicious Meduza Stealer. The arrests took place in Moscow and the surrounding area, following an investigation by the Investigative Department of the Ministry of Internal Affairs of Russia, as confirmed by Irina Volk, spokesperson for Russia’s Interior Ministry.
Meduza Stealer’s Profile and Pricing
The suspects, described as ‘young IT specialists,’ allegedly ran Meduza as a profitable Malware-as-a-Service (MaaS) operation since mid-2023. This notorious C++-based program quickly grew into a powerful information stealer, capable of gathering sensitive data, including:
- Login Credentials: Passwords and session tokens from over 100 browsers and 27 password managers.
- Cryptocurrency: Data from over 100 wallets, including browser-based extensions.
- Messaging/Gaming: Data stolen from Telegram IM and Steam clients.
The malware was actively sold on underground forums and Telegram channels. Subscription pricing for the latest version, Meduza 2.2, was set at $199 per month, with a lifetime membership costing $1,199. It was also highly sophisticated, using the ChaCha20 algorithm for payload encryption and anti-VM features to evade security analysis.
Investigation Details - The Critical Error
The investigation’s key turning point was the group’s alleged decision to breach a Russian government organisation in the Astrakhan region earlier this year and steal classified data. This attack was perhaps a fatal error because Meduza Stealer was specifically designed with a geo-filter to avoid targets in Russia, Kazakhstan, and Belarus, a critical operational security (OpSec) rule among local cybercriminals to maintain an implicit shield from authorities.
The Dramatic Crackdown
Police seized computer equipment, phones, and bank cards during the raids. Video footage of the operation, carried out with the support of Rosgvardia forces, shows officers storming several apartments, and one suspect is filmed wearing ‘Hello Kitty’ pajama pants.
“Three defendants have chosen varied preventive measures. All accomplices and episodes of criminal activity are established,” said Volk.
Investigators also discovered the group had developed a second, unidentified piece of malware designed to disable security defences and build botnets. If convicted on all charges, the three young specialists face a potential prison sentence of up to five years.
This arrest signals a clear and consequential change in Moscow’s stance. According to a recent report from Recorded Future’s Insikt Group, Russia’s strategy toward the local hacking scene is shifting from passive tolerance to active management.
These arrests validate the finding that Russia is using selective arrests and public crackdowns to assert state authority and target domestic hackers who become too visible or politically inconvenient.









